Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6EEA9BFE62F311F0BD38A93EC4F9AE02.roa
File:                     6EEA9BFE62F311F0BD38A93EC4F9AE02.roa (raw, json)
Hash identifier:          iR/YOzbjekmSgVZYi7XDtrq8jxsvmDKlkPCHLsfqJ9g=
Subject key identifier:   48:B3:D6:FD:63:AA:9A:40:D3:17:DE:B3:63:44:F9:AD:F3:58:C2:4A
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       28C4
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6EEA9BFE62F311F0BD38A93EC4F9AE02.roa
Signing time:             Thu 31 Jul 2025 06:10:18 +0000
ROA not before:           Thu 31 Jul 2025 06:10:18 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     43260
IP address blocks:        103.151.27.0/24 maxlen: 24
                          115.167.77.0/24 maxlen: 24
                          175.110.81.0/24 maxlen: 24
                          202.92.18.0/24 maxlen: 24
                          202.92.19.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
                          rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10436 (0x28c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Jul 31 06:10:18 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=688b08ca-20a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:57:2f:7b:be:ad:08:43:1b:90:41:94:fe:92:
                    b0:7e:77:d9:fc:39:24:7b:54:51:93:38:f7:d7:5e:
                    eb:f9:d5:5c:e3:73:04:e2:fb:15:7c:4e:c4:70:67:
                    30:18:63:f7:fd:d7:a9:bc:ed:1e:b6:09:18:03:41:
                    7e:41:32:bd:1d:0b:49:95:14:ec:1d:fc:69:ed:6c:
                    72:20:c0:69:44:31:f6:6b:cc:42:e9:69:e7:48:5f:
                    3e:0c:8a:86:9a:90:b8:6b:dd:88:3c:83:c8:87:2b:
                    ff:a6:8a:ea:bf:6c:c7:09:df:b8:6a:fa:58:be:f9:
                    c5:d0:3d:45:88:9a:4b:84:b4:cf:e7:21:f1:30:6a:
                    78:2b:6e:e8:05:d2:5e:22:b0:02:0d:c6:bb:ae:55:
                    10:51:73:54:68:61:07:1e:0e:a1:f5:0c:84:c5:ce:
                    f6:f8:0b:35:cd:87:0b:11:8a:bb:89:8c:41:21:ab:
                    94:33:78:fe:2a:4a:82:dc:2f:d1:25:6b:88:a2:64:
                    56:60:87:90:8d:da:b6:33:a4:25:6d:45:d0:c1:7a:
                    73:c3:ae:38:e9:c8:57:6a:ff:fb:08:2a:c1:6f:66:
                    26:a8:ca:dd:29:50:9d:b0:d6:78:bc:6d:c1:e5:0f:
                    29:82:b8:eb:c2:be:8b:e4:16:51:96:c7:36:2f:9a:
                    37:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B3:D6:FD:63:AA:9A:40:D3:17:DE:B3:63:44:F9:AD:F3:58:C2:4A
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6EEA9BFE62F311F0BD38A93EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.27.0/24
                  115.167.77.0/24
                  175.110.81.0/24
                  202.92.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:de:33:bc:9f:ea:7f:af:06:ad:a8:8f:8f:85:19:e6:71:2c:
         e6:4e:e8:fe:25:46:ea:0c:5a:7a:7e:b6:6c:16:4f:38:bb:36:
         2d:7b:19:ee:27:0e:71:3d:69:81:c3:2a:1e:4c:03:1f:8d:6d:
         fe:85:f7:17:da:0f:07:93:b8:90:c5:8d:06:f3:4e:a2:c4:db:
         61:cd:1a:7a:27:df:1b:6b:de:cd:8d:6d:e7:59:c7:96:37:da:
         96:31:fa:b9:36:1a:1a:a6:5b:4f:f7:8b:3f:28:6c:87:b4:00:
         7c:c5:be:9d:18:99:17:d0:dc:88:c1:69:66:f7:ca:4b:1c:e8:
         ec:7b:39:98:7e:c3:9a:16:09:43:68:7f:bf:80:b7:6e:53:49:
         6a:b6:1b:4e:4c:a0:11:c3:96:24:94:d3:9f:f9:44:8d:3a:0f:
         12:1b:fa:05:ef:0e:47:27:fb:8d:a7:98:37:c1:5a:08:ec:43:
         73:b6:2f:d9:04:6b:7c:9c:3b:61:3f:72:24:de:6c:6b:3f:b5:
         2a:98:d1:ae:3f:e9:6a:83:38:1e:a0:95:59:9d:e5:c1:e8:42:
         a7:76:61:37:5c:bb:13:5a:82:9f:3d:57:c7:ff:47:af:15:66:
         47:b7:7e:5b:5b:23:15:36:6a:86:57:d0:78:18:7c:d6:99:6b:
         3c:27:45:df
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICKMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwNzMxMDYxMDE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhiMDhjYS0yMGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Vcve76tCEMbkEGU/pKwfnfZ/Dkke1RRkzj3117r+dVc43ME4vsVfE7EcGcw
GGP3/depvO0etgkYA0F+QTK9HQtJlRTsHfxp7WxyIMBpRDH2a8xC6WnnSF8+DIqG
mpC4a92IPIPIhyv/porqv2zHCd+4avpYvvnF0D1FiJpLhLTP5yHxMGp4K27oBdJe
IrACDca7rlUQUXNUaGEHHg6h9QyExc72+As1zYcLEYq7iYxBIauUM3j+KkqC3C/R
JWuIomRWYIeQjdq2M6QlbUXQwXpzw6446chXav/7CCrBb2YmqMrdKVCdsNZ4vG3B
5Q8pgrjrwr6L5BZRlsc2L5o3CQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFEiz1v1j
qppA0xfes2NE+a3zWMJKMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNkVFQTlCRkU2
MkYzMTFGMEJEMzhBOTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnlxsDBABzp00DBACvblEDBAHKXBIwDQYJKoZIhvcNAQEL
BQADggEBAD3eM7yf6n+vBq2oj4+FGeZxLOZO6P4lRuoMWnp+tmwWTzi7Ni17Ge4n
DnE9aYHDKh5MAx+Nbf6F9xfaDweTuJDFjQbzTqLE22HNGnon3xtr3s2NbedZx5Y3
2pYx+rk2GhqmW0/3iz8obIe0AHzFvp0YmRfQ3IjBaWb3yksc6Ox7OZh+w5oWCUNo
f7+At25TSWq2G05MoBHDliSU05/5RI06DxIb+gXvDkcn+42nmDfBWgjsQ3O2L9kE
a3ycO2E/ciTebGs/tSqY0a4/6WqDOB6glVmd5cHoQqd2YTdcuxNagp89V8f/R68V
Zke3fltbIxU2aoZX0HgYfNaZazwnRd8=
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:12:23 2025 by rpki-client